Disrupt and restraint: The evolution of cyber conflict and the implications for collective security

ABSTRACT

In the last decade, cyber conflict has become a main feature of international politics and a growing concern for strategic stability and collective security. Unfortunately, cyber conflict suffers from a lack of conceptual clarity about its impact on collective security and a lack of consensus among international actors on how to interpret it. This article proposes to understand cyber conflict as an evolving process driven by two factors: the way in which digital space is configured and the way in which tactical, organizational, strategic, and doctrinal characteristics related to cyber have been included in the field of national and international security. Both tend to encourage offensive behavior but also demonstrate features pointing to restraint.

KEYWORDS:

• Collective security
• cyber conflict
• international security

Disclosure statement

No potential conflict of interest was reported by the author.

Notes

1. For example, in the spring and early summer of 2017, Wannacry and NotPetya helped to paralyze many organizations around the world. The damage was not only financial but also showed the fragility of many economic or social activities, not to mention the destruction of a large volume of data. The presence of malware in the Industrial Control Systems (ICS) of certain power plants or oil installations in the Middle East, the United States or South Korea represents significant dangers because of the precedents they could set. Finally, the Distributed Denial of Service (DDoS) attacks against DynDNS (October 2016) using the Botnet Mirai also show the fragility of the entire Internet architecture.

2. Thus, the expansion of the digital domain contributes to the global dynamic density. Meijer and Jensen (2018) have shown the dilemmas that this dynamic presents to strategists.

3. It could be added that the vulnerability of the continental United States – connected to the Internet by several dozens of these submarine cables – is not the same as that of Georgia, which wanted to free itself from the legacy of Soviet-era networks and depends on a single cable from Bulgaria.

4. It can thus be hypothesized that the perpetrators of the hacking, data theft, data destruction and blackmail operation against Sony Entertainment in 2014 did not appreciate what was at stake for President Obama in this case at that moment. Faced with accusations from Congress, because of the link between this case and freedom of expression, and in an asymmetrical configuration with North Korea, the President was able to publicly attribute and respond to the attack. An alternative hypothesis is to say that the hackers did not consider the stakes of the American administration in their calculations and were taking all the risks to produce effects whose impact remains to be determined today. See for example Sharp (2017).

5. Although programed to activate only when a specific hardware and software configuration is present, Stuxnet has infected several tens of thousands of computer workstations, mainly in Asia. The NotPetya campaign attributed to Russia by the Five Eyes governments in the autumn and winter of 2017/2018 was aimed mainly at Ukraine but also caused damage to some Russian actors such as the oil company Rosneft.

6. In 2008–2009, the US federal government developed a Vulnerabilities Equities Process but it remains partially confidential and controversial due to the opacity of its mechanisms and its unilateral nature. In Europe, the debate is more recent but remains marked by the difficulty of coordinating government actions and harmonizing practices. See Delcheva & Soesanto, 2018.

Additional information

Notes on contributors

Stéphane Taillat

Stéphane Taillat is Associate Professor of War and Strategic Studies in the Department of International Relations, St Cyr French Army Academy and a researcher at the Geopolitics of Datasphere Centre of Excellence.